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DETAILED ACTION 

1 . This application has been examined .Claims 8-13 are pending in this 
application 

Information Disclosure Statement 

2. The Examiner has considered the references listed on the Information 
Disclosure statement submitted on 12/14/2005 (see attached PTO-1449. 

Drawings 

3. The examiner contends that the drawings submitted on 12/14/2005 are 
acceptable for examination proceedings. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 8-13 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Chen et al (us 2003/020032 1A1) in view of Weinstein et al (us 2002/0191572 
A1). 
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Regarding claim 8, Chen discloses An arrangement for securing data access 
(secure link to a VPN gateway see abstract) of a first subscriber or a plurality of 
first subscribers arranged in a first sub-network of an automation network (see 
FIG 1 .plurality of subscribers 'client # 104-110' configured on the sub network # 
101 and see automated configuration and setup [0022]) to a second subscriber 
or a plurality of second subscribers arranged in a second sub-network of the 
automation network, the arrangement comprising at least one secure-switch 
connected upstream of the first subscriber or the plurality of first subscribers for 
establishing a tunnel to the second subscriber or the plurality of second 
subscribers, the tunnel configured (tunnel configuration see [0099] and [0024] ) 
to securely transmit data via an insecure network (secure tunnels through 
untrusted (non- secure) networks see [0066] also see abstract). 
Chen does not discloses the secure-switch is an Ethernet switch and at least one 
port of the tunnel is a layer-3- port for establishing a tunnel end point in 
accordance with the IPSec-protocol, and the secure switch is configured to 
establish the tunnel representative for the first subscriber or the plurality Of first 
the and to allocate the tunnel to the first subscriber or the plurality Of first 
subscribers using a subscriber address of the first subscriber or the plurality of 
first subscribers. 

However Weinstein teaches the secure-switch is an Ethernet switch (the 
virtual operator in the switched Ethernet [0083] and at least one port of the tunnel 
is a layer-3- port for establishing a tunnel end point (Label Switched Paths (LSP). 
Before a packet gets into an MPLS domain, a label stack is inserted before its 
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network layer header to serve as a local identifier for an LSP. MPLS routers are 
called Label Switching Routers (LSR)see[0066], in accordance with the Ipsec- 
protocol , and the secure switch is configured to establish the tunnel 
representative for the first subscriber or the plurality Of first the and to allocate 
the tunnel (MPLS paths or tunnels see [0077] to the first subscriber or the 
plurality Of first subscribers using a subscriber address of the first subscriber or 
the plurality of first subscribers (The Ethernet switches implement the MPLS 
paths see [ 0077] also see [0097]). Thus it would have been obvious to one of 
ordinary skill in the art at the time the invention was made to use and modify the 
arrangement of Chen and couple with both ethernet switch and label switch 
paths taught by Weinstein in order to provide secure paths for data transmission. 

Regarding claim 9, note that Chen discloses the arrangement, further 
comprising a configuration tool for configuring the automation network (see FIG 1 
.plurality of subscribers 'client # 104-110' configured on the sub network # 101 
and see automated configuration and setup [0022]) an, the configuration tool 
configured to generate parameter data related to the secure-switch and to 
automatically variety of servers , dedicated processors transmit the generated 
data to the secure-switch ( secure data transfer see [0025]. 

Regarding claim 10, note that Weinstein teaches the arrangement, 
wherein the secure-switch (Ethernet switch the core of each PAMLAN see 
[0057]) comprises at least one port configured as a WLAN end point (public 
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access mobility LAN and air interface see abstract) for establishing a tunnel end 
point. 

Regarding claim 1 1 , note that Weinstein teaches the arrangement , Wherein 
the secure-switch comprises at least one port configured to be used as a tunnel 
end point (subscriber see [0097]), at least one point having a marker (IPsec 
authentication header generate a codeword over the whole packet [0097]). 

Regarding claim 12, note that Weinstein teaches the arrangement, wherein 
the marker is switchable (IPsec authentication header generate a codeword over 
the whole packet [0097] also see FIG 8A and FIG 8B) 

Regarding 13, Chen discloses a secure-switch for securing data access 
(secure link to a VPN gateway see abstract also see secure data transfer [0025].) 
of a first subscriber or a plurality of first subscribers arranged in a first sub- 
network of an automation network to a second subscriber or a plurality of second 
subscribers arranged in a second sub-network of the automation network (see 
FIG 1 .plurality of subscribers 'client # 104-110' configured on the sub network # 
101 and see automated configuration and setup [0022]) wherein the secure 
switch is configured to be connected upstream of the first subscriber or the 
plurality of first subscribers and 

Chen does not explicitly discloses the secure switch is an Ethernet switch having 
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at least one port embodied as a layer-3- port for establishing a tunnel end point in 
accordance with the IPSec protocol. The secure switch comprising 
a Secure Channel Converter for establishing a tunnel to the second subscriber 
or the plurality -of second subscribers, the tunnel configured to securely transmit 
data via an insecure network, wherein the Secure Channel Converter is 
configured to establish the tunnel representative for the first subscriber or the 
plurality of first subscribers and to allocate the tunnel to the first subscriber or the 
plurality of first subscribers using a subscriber address of the first subscriber or 
the plurality of first subscribers. 

However Weinstein teaches the secure switch is an Ethernet switch (the virtual 
operator in the switched Ethernet [0083] having at least one port embodied as a 
layer-3- port for establishing a tunnel end point (Label Switched Paths (LSP). 
Before a packet gets into an MPLS domain, a label stack is inserted before its 
network layer header to serve as a local identifier for an LSP. MPLS routers are 
called Label Switching Routers (LSR) see [0066] in accordance with the IPSec 
protocol, the secure switch comprising 

A Secure Channel Converter for establishing a tunnel to the second subscriber 
or the plurality -of second subscribers(The Ethernet switches implement the 
MPLS paths see [ 0077] also see [0097]). the tunnel configured to securely 
transmit data via an insecure network (secure connection and secure-per packet 
authentication see [0012] and [0097], wherein the Secure Channel (public key 
base secure channel see [0088] Converter is configured to establish the tunnel 
representative for the first subscriber or the plurality of first subscribers and to 
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allocate the tunnel (MPLS paths or tunnels see [0077] to the first subscriber or 
the plurality of first subscribers using a subscriber address of the first subscriber 
or the plurality of first subscribers (The Ethernet switches implement the MPLS 
paths see [ 0077] also see [0097]). Thus it would have been obvious to one of 
ordinary skill in the art at the time the invention was made to use and modify the 
arrangement of Chen and couple with secure connection, secure per packet and 
the public key base channel taught by Weinstein to build up a secure reliable 
network to transmit data. 

Conclusion 

Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to KHALID ABDALLA whose telephone number 
is (571 )270-7526. The examiner can normally be reached on MONDAY 
THROUGH EVERY OTHER FRIDAY 7 AM TO 5 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, JINHEE LEE can be reached on 571-272-1977. The fax 
phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). If you would like assistance from a USPTO Customer Service 
Representative or access to the automated information system, call 800-786- 
9199 (IN USA OR CANADA) or 571-272-1000. 
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